
Antonio Norales

#37130 of 53,633
7.5 Total CVSS
Vulnerabilities · 1
PT-2020-20567
7.5
2020-02-26
Pure Ftpd · Pure-Ftpd · CVE-2020-9274
**Name of the Vulnerable Software and Affected Versions**

Pure-FTPd version 1.0.49

**Description**

An issue has been discovered related to an uninitialized pointer vulnerability in the diraliases linked list. The `lookup_alias(const char alias)` or `print_aliases(void)` function fails to correctly detect the end of the linked list, resulting in an attempt to access a non-existent list member. This issue is related to the `init_aliases` function in diraliases.c.

**Recommendations**

For Pure-FTPd version 1.0.49, consider disabling the `lookup_alias` and `print_aliases` functions as a temporary workaround until a patch is available. Restrict access to the diraliases linked list to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.